DETAILED ACTION

1. This office action is in reply to an amendment filed on May 02, 2007. 
All independent claims namely claims 1, 5 and 7 are amended. 

New claims 13-20 are added. Thus claims 1-20 are now pending/examined. 

Priority 

2. This application claims priority of a provisional application 60502452 filed on 09/12/2003. Therefore, the effective filing date for the subject matter defined in the pending claims of this application is 09/12/2003.

Response to Arguments 

3. Applicant's remarks/arguments filed on May 02, 2007 have been fully considered but they are not persuasive.

Applicant's argument is based on the combination of the references on record, namely Jari and Mercer, used in rejecting the corresponding limitation recited in the amended independent claims 1, 5 and 7. Applicant in particular argued that the following limitation, which was added to the previous independent claims 1, 5 and 7 and recited as "the set of trusted endpoint nodes determined according to a security association re-use policy of the node", is disclosed by neither Jari nor Mercer, the reference(s) on the record. Applicant wrote the following in support of his argument.
"As best can be understood by the Applicant, it would appear that the Examiner is stating that any endpoint that communicates using an IPSec SA is a 'trusted' end point. Applicants have amended the claims to highlight that 'trusted end-points' of the claim are identified according to a security association re-use policy. The combination of Jari and Mercer does not distinguish between end-points when storing security associations; rather Mercer stores and restores the entire database of security associations."
Examiner disagrees with the above argument. 

Examiner would like to point out that the secondary reference on the record, Mercer, in paragraph 0026 discloses the following. "In order to establish the IPSec SA, the first 110 and second 114 gateway computers must agree upon an encryption algorithm, an authentication algorithm, and have a shared session key. The first 110 and second 114 gateway computers must also provide each other with the appropriate SPI value 310, 410 to include in the IPSec header portion 304, 404. And all this information meets the limitation recited as 'security association re-use policy of the node'. When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118."

Furthermore, Examiner would also like to point out that Mercer, in paragraph 0025, discloses the following. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node."
Therefore the combination of these two paragraphs meets the limitation recited as "the set of trusted endpoint nodes determined according to a security association re-use policy of the node."
Applicant further presented the following argument.
"One advantage of identifying trusted end-points is described at page 9 of Applicant's specification, as 'The SA logic 32 takes advantage of the fact that certain endpoints are well known to each node. These endpoints are allowed a very fast but secure method to re-establish communications with the node in the event of a power failure...' Examples of such trusted end points are provided at pages 8-9, and include branch offices, telecommuters, etc. As described on page 9, line 5, 'Re-use policies can also be flexible depending upon the amount of traffic the VPN is handling; for example, if the traffic load is light and not many users are using the communications channels, the policy may specify that a full IKE exchange should be used in the event of a power down...' No such advantage may be realized by the combination of Mercer and Jari."
Examiner also disagrees with the above argument. 

Examiner would like to point out that Jari, the primary reference on the record, in the Abstract and in paragraph 0037 discloses the following. "When a restoration of power to the security gateway is detected following a power failure, the controller 6 retrieves the latest security association database from the memory 7 and injects it into the volatile memory 5 whose contents were lost during the power failure. The security gateway 2 then restores secure communication with external users."

Therefore Jari provides the same advantage that had been argued by the applicants, which is allowing the endpoints a very fast but secure method to re-establish communications with the node in the event of a power failure.
Furthermore, in response to applicant's argument that the references fail to show certain features of applicant's invention, it is noted that the features upon which applicant relies (i.e. the advantages that the application provides over the prior art on the record) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

In response to applicant's argument that there is no suggestion to combine the references, the examiner recognizes that obviousness can only be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). In this case, the motivation to combine the two references is indicated at least in paragraphs 0012 and 0031 of the secondary reference.

In order to show how each and every limitation of the amended independent claims is disclosed by the references on the record, the examiner shows the following.

Referring to independent claims 1 and 5, Jari discloses a method for re-establishing secure communications between a node and an endpoint node including the steps of: [Abstract and paragraph 0037] (As it is described in the abstract, "When a restoration of power to the security gateway is detected following a power failure, the controller 6 retrieves the latest security association database from the memory 7 and injects it into the volatile memory 5 whose contents were lost during the power failure. The security gateway 2 then restores secure communication with external users.")
• Copying, ["retrieve" see paragraph 0013 and see "injects" in the abstract] responsive to a reset at the node, ["restoration of power to the node" see paragraph 0013, abstract and 0005] a set of security associations stored in a memory ["a volatile memory for containing a security association database comprising a plurality of security associations", see paragraph 0005] to a working set of security associations ["security association which is injected in the volatile memory" shown on figure 1, ref. Num 5]

Furthermore Jari in paragraph 0032 discloses the following: "the security gateway 2 controls communication between external or mobile users and the VPN 1 in accordance with the pre-negotiated security associations in a manner which is known and which will therefore not be described further and as indicated on paragraph". The manner which is known includes the IKE SA as described in the secondary reference in column 0024-0026. In paragraph 0025, the following has been described. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node;"
Jari does not explicitly disclose

• wherein the set of security associations includes only the security 
associations for a set of trusted endpoints nodes, the set of trusted 
endpoints nodes determined according to a security association re-use 
policy of the node; 

• Receiving, at the node, a communication from the endpoint node 

• Determining whether a security association for the endpoint node is 
included in the working set of security associations; 

• responsive to a determination that the security association for the 
endpoint node is in the working set of security associations, using the 
security association to process the communication from the endpoint 
node. 

However, in the field of endeavor, Mercer discloses:

• wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node; [paragraphs 0025-0026] ("In order to establish the IPSec SA, the first 110 and second 114 gateway computers must agree upon an encryption algorithm, an authentication algorithm, and have a shared session key. The first 110 and second 114 gateway computers must also provide each other with the appropriate SPI value 310, 410 to include in the IPSec header portion 304, 404. And all this information is interpreted as a security association re-use policy of the node. When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." Furthermore, Examiner would also like to point out that Mercer, in paragraph 0025, discloses the following. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node." Therefore the combination of these two paragraphs meets the limitation recited as "the set of trusted endpoint nodes determined according to a security association re-use policy of the node.")

• Receiving, at the node [paragraph 0026 and paragraph 0030] (the second gateway computer 114/node receives the IPSec datagram 300, 400), a communication from the endpoint node [the first gateway computer 110/endpoint node encrypts each IP datagram 200, forms a new IPSec datagram 300, 400 and sends it to the second gateway computer]

• Determining whether a security association for the endpoint node is included in the working set of security associations; [paragraph 0026 and paragraph 0030] (When the second gateway computer 114 receives the IPSec datagram 300, 400, which is sent from the gateway computer 110/endpoint node, it/the second gateway computer 114/node looks up the IPSec SA in the SAD 118/working set of security associations/security association databases, shown on figure 1, ref. Num 118)

• responsive to a determination that the security association for the endpoint node is in the working set of security associations, using the security association to process the communication from the endpoint node. [paragraph 0026 and paragraph 0030] (It looks up the IPSec SA in its SAD 118, and this is done in order to determine that the security association for the endpoint node/gateway computer 110 is already in the SAD 118/working set of security associations/security association databases, and once the determination is made, properly processes the datagram and forwards it to the second individual computer workstation 112-1).

Referring to independent claim 7, Jari discloses a network device including:

• Security association logic [Abstract, figure 1, ref. 4 and paragraph 0032] (the security gateway 2 contains a CPU 4 having a volatile memory 5 in which is stored, among other things, a security association database controlling secure communication between the network and external users), coupled to the non-volatile memory, [figure 1, ref. Num 7, abstract] for applying security associations to communications received by the network device [Abstract] (a controller 6 periodically stores the security association database in a disk memory 7 or other nonvolatile memory)

• The security association logic [Figure 1, ref. Num 4] including: 

• a first memory comprising at least one entry, the 
entry comprising an endpoint identifier for each endpoint 
communicating with the network device and a security association 
associated with the each endpoint; [paragraph 0032] (The security 
gateway 2 comprises a central processing unit (CPU) 4 in the form of one or 
more programmable data processors controlled by a stored program. The 
CPU 4 includes a volatile memory 5, for example in the form of random 
access memory (RAM), for storing temporary values generated during 
operation of the CPU 4 in accordance with normal programmed data
processor or computer techniques. During normal operation of the security 
gateway 2, the volatile memory contains, among other things, a security 
association database (SAD) in the form of a plurality of security 
associations. For example, each security association may comprise a 
header sequence number, encryption and authentication 
algorithms and parameters, and lifetime information for the 
security association. The security gateway 2 controls communication 
between external or mobile users and the VPN 1 in accordance with the 
pre-negotiated security associations in a manner which is known and 
which will therefore not be described further.) and 

• A second memory [Figure 1, ref. Num 7], storing a subset of 
data of the first memory, the subset of data selected according to the list 
of trusted endpoints [Figure 1, ref. Num 5] (The security gateway 2 contains a 
CPU 4 having a volatile memory 5/ first memory, in which is stored, among other 
things, a security association database for controlling secure communications 
between the network and external users. A controller 6 periodically stores the 
security association database in a disk memory 7 or other nonvolatile 
memory/ second memory) 

Furthermore Jari in paragraph 0032 discloses, "the security gateway 2 controls communication between external or mobile users and the VPN 1 in accordance with the pre-negotiated security associations in a manner which is known and which will therefore not be described further and as indicated on paragraph". The manner which is known includes the IKE SA as described in the secondary reference in column 0024-0026. In paragraph 0025, the following has been described. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node;"

Jari does not explicitly disclose

A first memory comprising a list of trusted endpoints, the list of 
trusted endpoint being determined according to the security association re-use 
policy of the network device; 

However, in the field of endeavor, Mercer discloses:

• A first memory comprising a list of trusted endpoints, the list of trusted endpoint being determined according to the security association re-use policy of the network device; [paragraphs 0025-0026] ("In order to establish the IPSec SA, the first 110 and second 114 gateway computers must agree upon an encryption algorithm, an authentication algorithm, and have a shared session key. The first 110 and second 114 gateway computers must also provide each other with the appropriate SPI value 310, 410 to include in the IPSec header portion 304, 404. And all this information is interpreted as a security association re-use policy of the node. When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." Furthermore, Examiner would also like to point out that Mercer, in paragraph 0025, discloses the following. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node." Therefore the combination of these two paragraphs meets the limitation recited as "the set of trusted endpoint nodes determined according to a security association re-use policy of the node.")

Finally, Examiner would indicate the following to show that Applicant's invention and the problem it tries to solve are the same as those of the reference used, namely Jari (U.S. Patent Publication No. 2001/0020275A1).

Applicant's invention as described on Applicant's specification is trying to 
solve the following problem: 

"Because there may be hundreds or thousands of SAs in a given communication network, in the event that a power down condition occurs in the network, an undesirably large time period is undertaken during power up to re-establish the SAs for the endpoints. For larger VPN devices, the time period for establishing connections may be up to one half hour. Such a delay is not desirable to the consumer." [Page 4, lines 5-9]
Applicant's specification suggests that the above problem is solved by Applicant's invention as follows.
"Node 30, shown on figure 1, includes SA logic 32, shown on figure 1, and a memory 34, shown on figure 1." [Page 6, last 2 lines of the specification and figure 1] Memory 34 is described as "Memory devices capable of retaining its contents during a power fail, such as an external, or a non-volatile on module storage device such as an EPROM. Stored in the memory 34 is a security association (SA) table 33." [Page 7, lines 1-4 of the applicant's specification]

Security logic 32 is described as "SA logic 32 is shown to include a trusted nodes list 35, a security association table 36 and key generation logic 37. In one embodiment, the key generation logic operates using the Internet Key Exchange (IKE) protocol, although any other types of key exchange protocols may alternatively be used, and it is important to note that the present invention is not limited to any particular method of key generation." [Page 7, lines 11-16 of the applicant's specification]

Furthermore, as applicant indicated on page 7, line 11 of the applicant's specification, "The memory shown on figure 1, ref. Num 34, receives the SA and identifier information from SA logic 32".

Following the above, applicant described his invention as follows.
"The list of trusted endpoints is used to select a subset of entries from the SA table 36 for maintenance in the SA table 33 of memory 34. Periodically the entries from the SA table 36 are copied to the SA table 33. This copying may occur upon the creation or re-keying of each SA, or alternatively the table may be backed up at periodic intervals to reflect changes in network configuration. The SA logic 32 takes advantage of the fact that certain endpoints are well known to each node. These endpoints are allowed a very fast but secure method to re-establish communications with the node in the event of a power failure at the node. According to one aspect of the invention, the trusted endpoints are permitted to use the last previously negotiated security association between the node and the endpoint providing that the endpoint is one indicated in the trusted list 35. Thus, in the event of a power fail at the node 30, the contents of the SA table 36 and trusted list 35 are lost. During reboot, the values from the SA table 33 in memory 34 are copied back into the SA table 36 and trusted list 35. When the trusted endpoints next seek access to the node, they prove their identity by using the last previously negotiated SA to communicate with the node. If the SA used by the trusted endpoint corresponds to the one retrieved from memory, the endpoint is permitted to communicate immediately with the node, without having to undergo the time consuming process of re-keying the communication link. Only in the event that the SA does not match the retrieved SA from memory does the endpoint need to re-negotiate keys with the node. As a result, considerable time is saved upon power up by permitting previously negotiated SAs to be used with trusted endpoints." [Page 9, line 14 to page 11 of the applicant's specification]
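The mechanism quoted above from the specification, together with the claim steps listed earlier in this action (copy the stored set of SAs to the working set on reset; receive a communication; determine whether the endpoint's SA is in the working set; if so, use it), can be modelled as a small simulation. The Python below is an added illustration written for this page; it is not code from the application, from Jari, or from Mercer. The names `ReusePolicy`, `SecurityAssociation`, `Node` and `demo`, the HMAC tag that stands in for an endpoint proving it still holds the last negotiated SA, and the load-sensitive re-use policy are all constructed for the example and are not taken from any of the documents.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class ReusePolicy:
    """Constructed re-use policy (an assumption for this example).

    `trusted` holds the endpoints well known to the node (branch offices,
    telecommuters).  Following the specification's example of a flexible
    policy, re-use is only enabled when enough SAs are active that a full
    exchange for every endpoint after power-up would be costly.
    """
    trusted: frozenset
    light_load_threshold: int

    def trusted_endpoints(self, active_sa_count: int) -> frozenset:
        if active_sa_count < self.light_load_threshold:
            return frozenset()          # light load: full IKE for everyone
        return self.trusted


@dataclass
class SecurityAssociation:
    spi: int
    key: bytes

    def tag(self, payload: bytes) -> bytes:
        # Integrity tag under the SA key: presenting a valid tag is how the
        # endpoint proves it still holds the previously negotiated SA.
        return hmac.new(self.key, payload, hashlib.sha256).digest()


class Node:
    """VPN node with a volatile SA table, a volatile trusted list and a
    non-volatile backup of the trusted subset that survives a power failure."""

    def __init__(self, policy: ReusePolicy):
        self.policy = policy
        self.sa_table = {}         # volatile working set (spec's SA table 36)
        self.trusted_list = set()  # volatile (spec's trusted list 35)
        self.nv_sa_table = {}      # non-volatile subset (spec's SA table 33 in memory 34)
        self.full_exchanges = 0    # number of full key exchanges performed

    def negotiate(self, endpoint: str) -> SecurityAssociation:
        # Stand-in for a full IKE exchange: a fresh SPI and key for this endpoint.
        self.full_exchanges += 1
        sa = SecurityAssociation(spi=secrets.randbits(32), key=secrets.token_bytes(32))
        self.sa_table[endpoint] = sa
        self.backup()              # spec: copy on creation or re-keying of each SA
        return sa

    def backup(self) -> None:
        # The trusted list selects which working-set entries are copied to
        # non-volatile storage.  That storage holds key material and needs the
        # same protection as the volatile table it mirrors.
        self.trusted_list = set(self.policy.trusted_endpoints(len(self.sa_table)))
        self.nv_sa_table = {ep: sa for ep, sa in self.sa_table.items()
                            if ep in self.trusted_list}

    def power_fail(self) -> None:
        self.sa_table.clear()
        self.trusted_list.clear()

    def reboot(self) -> None:
        # Claimed step: copy the stored set of SAs to the working set on reset.
        self.sa_table = dict(self.nv_sa_table)
        self.trusted_list = set(self.nv_sa_table)

    def receive(self, endpoint: str, spi: int, payload: bytes, tag: bytes) -> str:
        # Claimed steps: is an SA for this endpoint in the working set?  If so,
        # and the endpoint proves possession of it, use it; otherwise re-key.
        sa = self.sa_table.get(endpoint)
        if sa is not None and sa.spi == spi and hmac.compare_digest(sa.tag(payload), tag):
            return "processed"
        self.negotiate(endpoint)   # no usable SA: fall back to a full exchange
        return "renegotiated"


def demo(policy: ReusePolicy, endpoints):
    """Negotiate with each endpoint, lose power, reboot, then let every
    endpoint try to talk using the SA it negotiated before the failure."""
    node = Node(policy)
    peer_sa = {ep: node.negotiate(ep) for ep in endpoints}   # peers keep their copy
    node.power_fail()
    node.reboot()
    payload = b"first datagram after power-up (constructed sample)"
    outcome = {ep: node.receive(ep, sa.spi, payload, sa.tag(payload))
               for ep, sa in peer_sa.items()}
    return outcome, node.full_exchanges


if __name__ == "__main__":
    busy = ReusePolicy(trusted=frozenset({"branch-office", "telecommuter"}),
                       light_load_threshold=2)
    print(demo(busy, ["branch-office", "telecommuter", "guest"]))
```

Two design points matter for a defender reading the specification: the SPI alone identifies an SA but proves nothing, so the node requires the endpoint to demonstrate possession of the SA key (here via the HMAC tag) before re-using it, and any mismatch (stale SA after a re-key, wrong key, unknown endpoint) falls back to a full exchange rather than being accepted.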

The reference used, namely Jari, solves the same problem as indicated below,

"In the event of a power failure or other failure within the security gateway, all security associations can be lost. For example, there may be of the order of 300 such security associations and these will need to be renegotiated when the security gateway is operational again so as to re-establish secure communication. The Internet Engineering Task Force (IETF) provides some specifications for restoring operation following such a failure and loss of the SAD but these techniques require a substantial amount of time before secure communication can be restored." [paragraph 0004]

Jari solves the above problem in the same way as applicant's invention, as described in the abstract: "An IPsec-capable node 2, such as a security gateway 2, is provided for a virtual private network 1. The security gateway 2 contains a CPU 4 having a volatile memory 5 in which is stored, among other things, a security association database for controlling secure communications between the network and external users. A controller 6 periodically stores the security association database in a disk memory 7 or other nonvolatile memory. When a restoration of power to the security gateway is detected following a power failure, the controller 6 retrieves the latest security association database from the memory 7 and injects it into the volatile memory 5 whose contents were lost during the power failure. The security gateway 2 may then restore secure communication with external users." [Abstract and paragraphs 0005-0026]

Therefore, as Examiner indicated above, the problem to be solved and the solution provided by applicant's invention are the same as those of the reference on the record, namely Jari.

The last argument presented by the applicant is directed to the dependent claims. Examiner disagrees with the argument, as the dependent claims stand and fall with the corresponding independent claims.

The independent claims have not yet been written to include subject matter which is not disclosed or implied by the references on the record. Therefore all limitations recited in the independent claims are undoubtedly disclosed by the reference(s) on the record, and the rejection is maintained until the applicant amends the independent claims and successfully overcomes the rejection without introducing new matter.



Claim Rejections - 35 USC §103

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 



5. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jari et al (hereinafter referred to as Jari) (U.S. Patent Publication No. 2001/0020275A1) (Published on September 6, 2001) in view of Mercer et al (hereinafter referred to as Mercer) (U.S. Publication No. 2003/0018908 A1) (filed on July 23, 2001).

6. As per claims 1-5 and 13-17, Jari discloses a method for re-establishing secure communications between a node and an endpoint node including the steps of: [Abstract and paragraph 0037] (As it is described in the abstract, "When a restoration of power to the security gateway is detected following a power failure, the controller 6 retrieves the latest security association database from the memory 7 and injects it into the volatile memory 5 whose contents were lost during the power failure. The security gateway 2 then restores secure communication with external users.")

• Copying, ["retrieve" see paragraph 0013 and see "injects" in the abstract] responsive to a reset at the node, ["restoration of power to the node" see paragraph 0013, abstract and 0005] a set of security associations stored in a memory ["a volatile memory for containing a security association database comprising a plurality of security associations", see paragraph 0005] to a working set of security associations ["security association which is injected in the volatile memory" shown on figure 1, ref. Num 5]

Furthermore Jari in paragraph 0032 discloses the following: "the security gateway 2 controls communication between external or mobile users and the VPN 1 in accordance with the pre-negotiated security associations in a manner which is known and which will therefore not be described further and as indicated on paragraph". The manner which is known includes the IKE SA as described in the secondary reference in column 0024-0026. In paragraph 0025, the following has been described. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node;"

Jari does not explicitly disclose

• wherein the set of security associations includes only the security 
associations for a set of trusted endpoints nodes, the set of trusted 
endpoints nodes determined according to a security association re-use 
policy of the node; 

• Receiving, at the node, a communication from the endpoint node 

• Determining whether a security association for the endpoint node is 
included in the working set of security associations; 

• responsive to a determination that the security association for the 
endpoint node is in the working set of security associations, using the 
security association to process the communication from the endpoint 
node. 

However, in the field of endeavor, Mercer discloses:

• wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node; [paragraphs 0025-0026] ("In order to establish the IPSec SA, the first 110 and second 114 gateway computers must agree upon an encryption algorithm, an authentication algorithm, and have a shared session key. The first 110 and second 114 gateway computers must also provide each other with the appropriate SPI value 310, 410 to include in the IPSec header portion 304, 404. And all this information is interpreted as a security association re-use policy of the node. When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." Furthermore, Examiner would also like to point out that Mercer, in paragraph 0025, discloses the following. "To establish an IKE SA, the first 110 and second 114 gateway computers exchange digital certificates, which have been digitally signed by a trusted third party certificate authority 115. Thereafter, when the IKE session becomes active, the first 110 and second 114 gateway computers can establish the IPSec SA". And in paragraph 0026, the following has been described. "When this is done, the IPSec SA has been established, and the first 110 and second 114 gateway computers store the SA in respective Security Association Databases (SADs) 116, 118." And nodes digitally signed by a trusted third party are trusted nodes and meet the limitation of "wherein the set of security associations includes only the security associations for endpoints nodes that are trusted by the node." Therefore the combination of these two paragraphs meets the limitation recited as "the set of trusted endpoint nodes determined according to a security association re-use policy of the node.")

• Receiving, at the node [paragraph 0026 and paragraph 0030] (the 
second gateway computer 114/node receives the IPSec datagram 300, 400), a 
communication from the endpoint node (the first gateway computer 
110/endpoint node encrypts each IP datagram 200, forms a new IPSec 
datagram 300, 400 and sends it to the second gateway computer); 

• Determining whether a security association for the endpoint node is 
included in the working set of security associations; [paragraph 0026 and 
paragraph 0030] (When the second gateway computer 114 receives the IPSec 
datagram 300, 400, which is sent from the gateway computer 110/endpoint node, 
the second gateway computer 114/node looks up the IPSec SA in the SAD 
118/working set of security associations/security association database, shown 
in figure 1, ref. Num 118); 

• responsive to a determination that the security association for the 
endpoint node is in the working set of security associations, using the 
security association to process the communication from the endpoint 
node. [paragraph 0026 and paragraph 0030] (It looks up the IPSec SA in its SAD 
118, and this is done in order to determine that the security association for the 
endpoint node/gateway computer 110 is already in the SAD 118/working set of 
security associations/security association database; once the determination 
is made, it properly processes the datagram and forwards it to the second 
individual computer workstation 112-1.) 

It would have been obvious to one having ordinary skill in the art, 
at the time the invention was made, to combine the features of including only the 
security associations for endpoint nodes that are trusted by the node; receiving, at the 
node, a communication from the endpoint node; determining whether a security 
association for the endpoint node is included in the working set of security associations; 
and responsive to a determination that the security association for the endpoint node is 
in the working set of security associations, using the security association to process the 
communication from the endpoint node, as per the teachings of Mercer, into the method 
taught by Jari for the purpose of eliminating the need for elaborate and time consuming 
SAD/security association database table lookup algorithms, which result in costly 
memory access times and complex lookup hardware. [See Mercer, paragraph 0031] 

7. As per claims 7, 10-11 and 18-20, Jari discloses a network device including: 

• Security association logic [Abstract, figure 1, ref. 4 and paragraph 
0032] (the security gateway 2 contains a CPU 4 having a volatile memory 5 in 
which is stored, among other things, a security association database controlling 
secure communication between the network and external users), coupled to the 
non-volatile memory [figure 1, ref. Num 7, abstract], for applying security 
associations to communications received by the network device [Abstract] 
(a controller 6 periodically stores the security association database in a disk 
memory 7 or other nonvolatile memory); 

• The security association logic [Figure 1, ref. Num 4] including: 

• a first memory comprising at least one entry, the 
entry comprising an endpoint identifier for each endpoint 
communicating with the network device and a security association 
associated with the each endpoint; [paragraph 0032] (The security 
gateway 2 comprises a central processing unit (CPU) 4 in the form of one or 
more programmable data processors controlled by a stored program. The 
CPU 4 includes a volatile memory 5, for example in the form of random 
access memory (RAM), for storing temporary values generated during 
operation of the CPU 4 in accordance with normal programmed data 
processor or computer techniques. During normal operation of the security 
gateway 2, the volatile memory contains, among other things, a security 
association database (SAD) in the form of a plurality of security 
associations. For example, each security association may comprise a 
header sequence number, encryption and authentication 
algorithms and parameters, and lifetime information for the 
security association. The security gateway 2 controls communication 
between external or mobile users and the VPN 1 in accordance with the 
pre-negotiated security associations in a manner which is known and 
which will therefore not be described further.) and 

• A second memory [Figure 1, ref. Num 7], storing a subset of 
data of the first memory, the subset of data selected according to the list 
of trusted endpoints [Figure 1, ref. Num 5] (The security gateway 2 contains a 
CPU 4 having a volatile memory 5/first memory, in which is stored, among other 
things, a security association database for controlling secure communications 
between the network and external users. A controller 6 periodically stores the 
security association database in a disk memory 7 or other nonvolatile 
memory/second memory.) 

Furthermore, Jari on paragraph 0032 discloses that the security gateway 2 
controls communication between external or mobile users and the VPN 1 in 
accordance with the pre-negotiated security associations "in a manner which is 
known and which will therefore not be described further". As indicated above, 
the manner which is known includes the IKE SA as described in the secondary 
reference, Mercer, on paragraphs 0024-0026. On paragraph 0025, the following 
has been described: "To establish an IKE SA, the first 110 and second 114 
gateway computers exchange digital certificates, which have been digitally 
signed by a trusted third party certificate authority 115. Thereafter, when the 
IKE session becomes active, the first 110 and second 114 gateway computers can 
establish the IPSec SA". And on paragraph 0026, the following has been 
described: "When this is done, the IPSec SA has been established, and the first 
110 and second 114 gateway computers store the SA in respective Security 
Association Databases (SADs) 116, 118." Nodes whose certificates are digitally 
signed by a trusted third party are trusted nodes, which meets the limitation 
"wherein the set of security associations includes only the security 
associations for endpoint nodes that are trusted by the node." 

Jari does not explicitly disclose: 

A first memory comprising a list of trusted endpoints, the list of 
trusted endpoints being determined according to the security association re-use 
policy of the network device. 

However, in the same field of endeavor, Mercer discloses: 
• A first memory comprising a list of trusted endpoints, the list of 
trusted endpoints being determined according to the security association 
re-use policy of the network device; [Paragraph 0025-0026] ("In order to 
establish the IPSec SA, the first 110 and second 114 gateway computers must 
agree upon an encryption algorithm, an authentication algorithm, and have a 
shared session key. The first 110 and second 114 gateway computers must also 
provide each other with the appropriate SPI value 310, 410 to include in the IPSec 
header portion 304, 404." All of this information is interpreted as the security 
association re-use policy of the node. Mercer continues: "When this is done, the 
IPSec SA has been established, and the first 110 and second 114 gateway computers 
store the SA in respective Security Association Databases (SADs) 116, 118." 
Furthermore, Examiner would also like to point out that Mercer, on paragraph 0025, 
discloses the following: "To establish an IKE SA, the first 110 and second 114 
gateway computers exchange digital certificates, which have been digitally signed 
by a trusted third party certificate authority 115. Thereafter, when the IKE 
session becomes active, the first 110 and second 114 gateway computers can 
establish the IPSec SA". And on paragraph 0026, the following has been described: 
"When this is done, the IPSec SA has been established, and the first 110 and 
second 114 gateway computers store the SA in respective Security Association 
Databases (SADs) 116, 118." Nodes whose certificates are digitally signed by a 
trusted third party are trusted nodes, which meets the limitation "wherein the 
set of security associations includes only the security associations for endpoint 
nodes that are trusted by the node." Therefore the combination of these two 
paragraphs meets the limitation recited as "the set of trusted endpoint nodes 
determined according to a security association re-use policy of the node.") 

It would have been obvious to one having ordinary skill in the art, 
at the time the invention was made, to combine the feature of including only 
the security associations for endpoint nodes that are trusted by the node, as 
per the teachings of Mercer, into the network device taught by Jari for the 
purpose of strengthening security and establishing secure communication. [See for 
instance Mercer, paragraph 0012, "secure communication"] 

8. As per claim 6, the combination of Jari and Mercer discloses the subject 
matter as set forth in the claims above; furthermore, Jari discloses the method 
further comprising, in the event of a reset, copying the table of security 
associations to the working table of security associations. [Abstract] (When a 
restoration of power to the security gateway is detected following a power failure, 
the controller 6 retrieves the latest security association database from the 
memory 7 and injects it into the volatile memory 5 whose contents were lost during 
the power failure. The security gateway 2 may then restore secure communication 
with external users.) 

9. As per claim 8, the combination of Jari and Mercer discloses the subject 
matter as set forth in the claims above; furthermore, Jari discloses the method 
wherein the second memory is a non-volatile memory. [figure 1, ref. Num 7, 
paragraph 0033] (Abstract, non-volatile memory) 

10. As per claim 9, the combination of Jari and Mercer discloses the subject 
matter as set forth in the claims above; furthermore, Jari discloses the method 
further comprising means for periodically copying the subset of data of the first 
memory [figure 1, ref. Num 5] to the second memory [figure 1, ref. Num 7] 
(paragraph 0035) (During normal operation of the security gateway 2, the current 
security association database in the volatile memory 5 is periodically stored in 
the disk memory 7 by the controller 6.) 

11. As per claim 12, the combination of Jari and Mercer discloses the subject 
matter as set forth in the claims above; furthermore, Jari discloses the method 
further comprising, responsive to a reset at the network device, copying contents 
of the second memory [Figure 1, ref. Num 7, abstract] to the first memory. [figure 1, 
ref. Num 5, abstract] (The following is disclosed in the abstract: "When a 
restoration of power to the security gateway is detected following a power failure, 
the controller 6 retrieves the latest security association database from the 
memory 7 and injects it into the volatile memory 5 whose contents were lost during 
the power failure. The security gateway 2 may then restore secure communication 
with external users.") 
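The mechanism relied on in paragraphs 6 through 11 above (a working set of security associations limited to trusted endpoints selected by a re-use policy, SA lookup when a datagram arrives, periodic copying of that working set to non-volatile memory, and restoring it after a reset) can be modelled end to end. The following is an added illustration for this office action, not code from the application or from the Jari or Mercer references. The re-use policy (trusted issuer plus remaining lifetime), the SA fields, the `Gateway` class and the simplified "datagram" of (SPI, payload, ICV) are hypothetical; the only real cryptographic step is an HMAC-SHA256 integrity check standing in for the negotiated authentication algorithm, and no encryption is modelled.

```python
"""Working set of IPsec security associations (SAs) limited to trusted
endpoints, snapshotted to non-volatile memory and restored after a reset.

Added illustration only: not code from the application or from the Jari or
Mercer references. Policy constants, SA fields and the datagram shape are
hypothetical; the integrity check is a real HMAC-SHA256.
"""

import hashlib
import hmac
import json
from dataclasses import dataclass, asdict

# Hypothetical policy constants (assumptions, not taken from the references).
TRUSTED_CAS = {"trusted-third-party-ca"}
MIN_REMAINING_LIFETIME = 60.0   # seconds an SA must still have to be worth keeping


@dataclass(frozen=True)
class SecurityAssociation:
    spi: int            # Security Parameter Index carried in the IPsec header
    peer: str           # endpoint identifier of the far gateway
    auth_key: bytes     # shared session key for the authentication algorithm
    issuer: str         # CA that signed the peer's certificate during IKE
    expires_at: float   # lifetime information for the SA


def reuse_policy(sa: SecurityAssociation, now: float) -> bool:
    """Hypothetical SA re-use policy: keep an SA across a reset only if the
    peer's certificate was signed by a trusted CA and enough lifetime remains."""
    return sa.issuer in TRUSTED_CAS and sa.expires_at - now > MIN_REMAINING_LIFETIME


def protect(sa: SecurityAssociation, payload: bytes) -> tuple:
    """Sender side: emit (SPI, payload, ICV) where ICV = HMAC over the payload."""
    return sa.spi, payload, hmac.new(sa.auth_key, payload, hashlib.sha256).digest()


class Gateway:
    def __init__(self, clock):
        self.clock = clock                 # injectable clock for deterministic runs
        self.sad = {}                      # volatile first memory: (peer, spi) -> SA
        self.nonvolatile = "[]"            # second memory: serialized snapshot

    def install_sa(self, sa: SecurityAssociation) -> None:
        self.sad[(sa.peer, sa.spi)] = sa

    def working_set(self) -> dict:
        """SAs for trusted endpoints only, as selected by the re-use policy."""
        now = self.clock()
        return {k: sa for k, sa in self.sad.items() if reuse_policy(sa, now)}

    def snapshot(self) -> int:
        """Periodically copy the working set (not the whole SAD) to non-volatile memory."""
        records = [dict(asdict(sa), auth_key=sa.auth_key.hex())
                   for sa in self.working_set().values()]
        self.nonvolatile = json.dumps(records)
        return len(records)

    def reset(self) -> None:
        """A power failure loses the volatile SAD; the snapshot survives."""
        self.sad.clear()

    def restore(self) -> int:
        """After a reset, copy the non-volatile snapshot back into the SAD."""
        for rec in json.loads(self.nonvolatile):
            rec["auth_key"] = bytes.fromhex(rec["auth_key"])
            self.install_sa(SecurityAssociation(**rec))
        return len(self.sad)

    def receive(self, peer: str, spi: int, payload: bytes, icv: bytes):
        """Look up the SA for (peer, SPI); if present and unexpired, use it to
        authenticate the datagram and return the payload. Otherwise return None,
        which is where a gateway would fall back to a fresh IKE negotiation."""
        sa = self.sad.get((peer, spi))
        if sa is None or sa.expires_at <= self.clock():
            return None
        expected = hmac.new(sa.auth_key, payload, hashlib.sha256).digest()
        return payload if hmac.compare_digest(expected, icv) else None


def demo() -> dict:
    """Constructed scenario: three SAs, one snapshot, a reset, then a restore."""
    now = 1000.0
    gw = Gateway(clock=lambda: now)
    trusted = SecurityAssociation(0x1001, "gw-110", b"k" * 32, "trusted-third-party-ca", now + 3600)
    untrusted = SecurityAssociation(0x1002, "gw-199", b"u" * 32, "self-signed", now + 3600)
    expiring = SecurityAssociation(0x1003, "gw-120", b"e" * 32, "trusted-third-party-ca", now + 10)
    for sa in (trusted, untrusted, expiring):
        gw.install_sa(sa)
    kept = gw.snapshot()                      # only `trusted` passes the re-use policy
    gw.reset()
    spi, payload, icv = protect(trusted, b"IP datagram 200")
    before_restore = gw.receive("gw-110", spi, payload, icv)   # SAD empty: None
    restored = gw.restore()
    after_restore = gw.receive("gw-110", spi, payload, icv)    # SA back: payload
    tampered = gw.receive("gw-110", spi, payload + b"!", icv)  # bad ICV: None
    spi2, payload2, icv2 = protect(untrusted, b"hello")
    untrusted_peer = gw.receive("gw-199", spi2, payload2, icv2)  # never snapshotted
    return {"kept": kept, "before_restore": before_restore, "restored": restored,
            "after_restore": after_restore, "tampered": tampered,
            "untrusted_peer": untrusted_peer}


if __name__ == "__main__":
    print(demo())
```

The point the model makes visible is the difference the applicant argued over: `snapshot()` persists only the subset that `reuse_policy` admits, so after `reset()` and `restore()` the SA for the self-signed peer is gone and its datagram is rejected, while the trusted peer's datagram is accepted without renegotiation.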

Conclusion 

12. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened 
statutory period, then the shortened statutory period will expire on the date the 
advisory action is mailed, and any extension fee pursuant to 37 CFR 1. 136(a) 
will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from 
the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Samson B Lemma whose telephone number is 
571-272-3806. The examiner can normally be reached on Monday-Friday (8:00 
am to 4:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, BARRON JR GILBERTO can be reached on 571-272-3799. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private 
PAIR only. For more information about the PAIR system, see 
http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 
(toll-free). 

SAMSON LEMMA 